Canadian hospital employees leaked personal details to financial firms

Share this article:

Up to 8,300 patients had their personal information stolen and given to financial companies by staff at Ontario's Rouge Valley Centenary Hospital, it was revealed.

Two staff at the health care facility, in the city of Scarborough, were paid by outside companies to deliver names, addresses and phone numbers. These were then used to contact families to sell Registered Education Savings Plans (RESPs), a spokesman for the hospital reportedly said. RESPs are investment schemes designed to prepare for a child's post secondary education.

The breach was discovered in two parts. The biggest, involving 7,600 patients, was discovered in October. A second, smaller breach came to light in March this year. Most of the individuals affected were new mothers.

Ann Cavoukian, Ontario privacy commissioner, and the Ontario Securities Commission are investigating the incident. The two employees involved no longer work at the hospital.

Share this article:
You must be a registered member of SC Magazine to post a comment.

THE LATEST ISSUE

Features

Archive of SC Magazine Canada

SC Magazine Canada

THE LATEST ISSUE

Features

Archive of SC Magazine Canada

SC Magazine Canada

More in SC Canada

CSEC mishandled private communications, says watchdog

Canada's foreign spy agency mishandled information on private communications that it had collected by mistake, according to the most recent report by a government watchdog.

National Research Council breached

Canada's National Research Council has written to partner companies informing them of a breach of its cybersecurity systems.

Canadian ISP used In $83,000 cryptocurrency heist

A Canadian ISP has been identified as the source of a cryptocurrency hack that stole $83,000 over four months.